What does an ISP know about what you do?
1) your ISP knows all the IP addresses you connect to. Every website you hit, every mail server you connect to, every IM service you use, every online game, and every person you share anything with over any peer to peer network.
2) the contents of all unencrypted communications can be monitored by your ISP
3) even in encrypted communications, the headers often have to be unencrypted for the communication to be possible, so that could be seen too. An example of this would be encrypted emails - the content of the message will be encrypted, but the to an from addresses cannot be, or else there is no way for the message to be delivered!
The specific question was whether or not it was safe to download "from this site"? Cut93550 makes an interesting point that seems to clinch the argument, but, it doesn't, for one very simple reason. All that has to happen is that someone acting on behalf of the movie studios scours the web and downloads files and compiles a list of URLs of infringing files. That list, which could be built up by millions of bots, and/or people can then be given to your ISP. All they would have to do then is see if you downloaded something on the list.
But - there is some good news - IF you connect to a site over HTTPS (you see the padlock icon), THEN, the query string is encrypted. All anyone watching your traffic would see is that you downloaded SOMETHING from rapidshare, but they can't know what URL you downloaded, and hence can't know whether or not it was on the list.
So, if you want to stop your ISP knowing what you download, use HTTPS where ever possible, and avoid all download sites that work over HTTP. Saddly, most sites work over HTTP, some do allow paid members use HTTPS, but rarely do free users get that privilege.
If you can't use HTTPS because the download site with the file you want doesn't let you, then you are not out of options, but, you are out of easy and efficient options.
Your remaining choices are:
1) use a VPN - VPNs encrypt all the traffic between your house and the vpn server, removing your ISP's ability to snoop on it (but allowing the VPN server's ISP to snoop instead, which is not as bad because that can't trace it back to you, just to the VPN server)
2) use TOR - this will encrypt your traffic between your computer and a randomly chosen exit point somewhere in the world. The ISP for the randomly chosen exit point will again be able to snoop, but, they will have no idea who you are. So they will know SOMEONE downloaded a file on the naughty list, but not who.
The problem is that both VPNs are TOR take time and effort to set up and configure, and it's easy to get things wrong and be unencrypted after all, and worse, they are inefficient, they will both slow your downloads down, ESPECIALLY TOR which is REALLY slow.
People MIGHT suggest you use proxy servers, but they would be giving you bad advice. Proxy servers solve a different problem, the stop the owner of the website you visit knowing who you are, but NOT your ISP knowing where you are going. Proxy servers work over HTTP, so the unecnrypted HTTP requests between you and the proxy server can be read by your ISP, and they contain the URL you are trying to reach via the proxy server, hence giving you exactly zero protection from your ISP.
I hope that makes things clearer and not more confusing,
B.
